[tor-project] Network-team meeting notes, 30 Oct 2017

Nick Mathewson nickm at torproject.org
Mon Oct 30 17:56:01 UTC 2017

Hi!  You can see today's meeting transcript here:


Here are the updates from our pad:

Network team meeting pad, 23 October 2017

Welcome to our meeting!  Every monday at 1700 UTC on #tor-meeting on OFTC.
(This channel is logged while meetings are in progress.)

Want to participate?  Awesome!  Here's what to do:
    1. If you have updates, enter them below, under your name.
    2. If you see anything you want to talk about in your updates, put them
in *boldface*!
    3. Show up to the IRC meeting and say hi!

Note the meeting location: #tor-meeting on OFTC!
for background.)

Meeting notes from last week:
    * http://5jp7xtmox6jyoqd5.onion/p/QKh0bLHntAJ1
    * https://pad.riseup.net/p/QKh0bLHntAJ1

    * Remember, this meeting is 1700 UTC, no matter what local time is.
Watch for daylight saving changes in October or November.
    * Team rotation:
    * Review-group-24 still has unreviewed tickets!

*Discussion topics:*
    * Do we want to plan a hackfest in 2018? I sent some options to the
list. (teor)
    * *Do we want/need any additional proposals for guard-discovery other
than Prop247 updates?*
      (See the SponsorV page for lists of guard discovery tickets and a
rough roadmap - this
       should help us decide)
    * Notes from network team working sessions- is there a place to find
       [I still have the notes from the
meeting, and I've forgotten to type them up. I'll do that this morning and
send to notes at . —isis]
       [note that you can also probably just photograph them and send them
to notes@, if you run out of time to type. -nm]

Updates: (Please use *boldface* to indicate discussion topics)

teor (offline):
    Last week:

   - *    - I keep seeing "Attempt to open a stream on first hop of
   circuit" warnings in chutney in recent master and 0.3.2, anyone know why?

   - [NM: dgoulet notes that we removed the AllowSingleHopExits option
   recently. Could that be at fault?]

        - Proposed moving IPv6 ORPorts to the microdesc consensus
(prop#283, #20916 and children), and discussed the draft proposal with the
dir-auth list
        - Tried to help arthuredelstein diagnose Tor Browser connection
timeouts: we think it's caused by overloaded exits, which probably needs
some bandwidth authorities to change location, or more bandwidth
authorities (#21394)
        - Ripped out buggy IPv6-specific v3 single onion service code, but
kept support for IPv4 v3 single onion services (#23820)
        - We want to reduce relay bandwidth stats intervals, to make client
guards harder to find using these stats (#23856)
        - More fun with missing microdescriptors! (#21969 and children)
        - Post-travel admin
        - Experimental PrivCount deployments, bug fixes, and feature
    This week:
        - Experimental PrivCount onion service client descriptor fetches,
intro and rend failure counts
        - Nudge the prop#283 thread, and once we're sure we want it, get
the code reviewed

mikeperry (offline - biological timezone and sleep issues):
    Last Week:
         - Recovering from illness, slowly but surely.
         - Wrote a plan for Guard discovery:
https://trac.torproject.org/projects/tor/wiki/org/sponsors/SponsorV - *Please
comment and/or update*it! I will check scrollback.
          [NM: Poked asn, teor, armadev about this.]
    This week:
         - Finishing up #23100 and #23114 (basically they need tests and
asn had some trac comments as well).
         - If time/energy, start writing an experiment plan for the prop247
performance simulator.

    Last Week:
        - Six releases. Whee!
        - Reviewed and merged a bunch
        - Including the protover-in-rust code!

   -         - *Are the doc/HACKING/*Rust.md documents up-to-date*?

   - CK: I am planning on reviewing these this week to fix up anything that

   - [ I'm also happy to go over them. —isis]

        - Met with Isabela for roadmapping, planning, catch up
        - Helped a little with modularization proposal
        - worked on hsdescv3 fuzzing a little
    This week:
        - Wrap up october tasks; plan more about november. *(Remember the
        - Review and merge more stability fixes for <= 0.3.2
        - Write two or three proposals/design docs:
            - Improved APIs for control on mobile/embedded systems
            - Privcount with shamir-style secret splitting (if somebody can
help figure out the math)
            - Ed25519 ID -> Consensus proposal
            - Coordinate w/ other teams on roadmap dependency issues
        - Follow up to Tim's n-t-s email.

komlo (offline):
    Last week:

   -  - Helped with the protover-in-rust merge!

    This week:
    - Work on fixing up some post-review improvements (#24029 and #24032)


   - Last week:

   - nothing

   - This week:

   - - Try to learn Rust and contribute something

   - - Maybe, I will take a look on fuzzing some http request


    This week:
    -Try to figure out how tor works and look at some easy tickets to find
an interesting one.

    Last week:
        Sponsor 8:
        - Reviewed ticket #23845, #23848, and #23900.
        - Upstreamed some small patches to help profiling of Tor on Android
to Orbot: github.com/n8fr8/orbot/pull/91
        - Meeting with Isabela + Nick about the modularization proposal.
        - Looked into an issue in Orbot: github.com/n8fr8/orbot/issues/90
        - Looked into simpleperf again with some more luck. Some sample
reports can be seen at
        - Rebased my Orbot repository with Nathan's recent changes to
upstream Orbot.
        - Opened #24061 (master) + #24062, #24063, #24064 and #24065 to
track S8 performance work and added them to
          milestone spreadsheet.
        - Random small catch ups from notes from Montreal.
    This week:
        Sponsor 8:
        - Profiling of memory + CPU + battery baseline, discuss results and
          figure out where we should dive in first in November (#24065).
        - Update build instructions and hopefully get someone else to try
it out.
        Sponsor 4:
        - Look into Nick's review in #22275 that got lost in all the
BornHack stress in August/September.
        - Bug triage duty.
        - End of the month tasks: Harvest + Montreal reimbursement.

  Last week:
    - Worked on all my assigned 032 tickets which was most of my week.
    - Investigated the possible reasons on why we've lost ~500 Running
      in the network. I didn't want to exclude a tor bug.
    - Did some scheduler design work, no code yet. (#23993)
    - Writing an email for tor-dev@ that should go out soon about the state
      connection/channel/scheduler for us to understand better the problem
      are facing with the scheduler subsystem.
   This week:
    - Continue the work on 032 tickets and hopefully review some!
    - More progress for the scheduler work (#23993) because it might not be
      that small and 033 merge window is open!
    - Need to tackle the HS circuit timeout situation basically write down
      current state and discuss at least with Mike what to fix or change.

    last week (2017-W43):
        - HackerOne triage
        - we might want to refine our HackerOne policy somewhat
        - reviewing #23816 (jittered backoff)
        - reviewing #23532 (add_laplace_noise())
    this week (2017-W44):
        - follow up on some HackerOne stuff
        - more review of #23816 and #23532
        - *how hard do we want to investigate why 0.2.9 seems not to be
vulnerable to the #20532 bridge bypass?*

   -         [NM: If we are fairly sure that the bypass doesn't happen,
   let's ascribe it to the big guard rewrite in 0.3.0]

    last week:
        - reviewed/patched #18329 and #23594, so BridgeDB will now not
distribute bridges that request not to be distributed
        - looked into an issue with some bridges not marked running (#23958)
        - started a patch for #16564 to keep bridges (with a
"bridge-distribution-request" server descriptor line) out of the consensus
        - signed up for Tor's HackerOne
*          * would someone be willing to answer some questions about
triage?     *
*          * there's TB bugs in there, do we triage those?  is there
another account for TB?     *
*          * there's non-security bugs in there, do i just make normal
tickets for those?  *
*          * how does giving people credit for finding bugs work? do i just
credit them for any bug, even if it's not a vuln? *
    this week:
        - getting integration tests for moat to pass (#15957)

   - - more roadmap, making tickets, triaging

   - - spec writing

    Last week:
        - submitted the modularization proposal
        - met with Nick to talk about the team roadmap - specially november
and december tasks.
    This week:
        - working with team leads on inter-team roadmap sharing - will send
emails on this later today
        - sponsor8 report for august and september
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-project/attachments/20171030/ca9af3f8/attachment-0001.html>

More information about the tor-project mailing list